How severe is CVE-2025-6967?

High severity. CVSS v3 base score is 8.7 out of 10.

Vulnerability in Sarman Soft Software And Technology Services Industry Trade Ltd. Co. Cms

CVE-2025-6967

Execution After Redirect (EAR) vulnerability in Sarman Soft Software and Technology Services Industry and Trade Ltd. Co. CMS allows JSON Hijacking (aka JavaScript Hijacking), Authentication Bypass. This issue affects CMS: through 10022026…

EPSS: 0.000 (10.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.7 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N.

Affected products

Sarman Soft Software And Technology Services Industry Trade Ltd. Co. Cms — versions 0

Weakness classification (CWE)

CWE-698

References

iletisim@usom.gov.tr (third-party-advisory)
iletisim@usom.gov.tr

Frequently asked questions

What is CVE-2025-6967?: CVE-2025-6967 is a high-severity vulnerability in Sarman Soft Software And Technology Services Industry Trade Ltd. Co. Cms, classified under CWE-698. CVSS score: 8.7/10. Published 2026-02-10.
How severe is CVE-2025-6967?: High severity. CVSS v3 base score is 8.7 out of 10.